Security is widely recognized as a main challenge indeveloping software. Security RequirementsEngineering is an emerging field at the crossroadsbetween Security and Software Engineering, spurred bythe realization that security must be dealt with fromthe earliest phases of the software developmentprocess. This book enables understanding of thedeeper issues and challenges in developing securesystems, the concepts for capturing security aspectsof socio-technical systems, and the support needed byenterprises for the definition of security policiesas dictated by ISO security standards and dataprotection legislation. The author presents the SI*modeling language and the Secure Tropos methodologyto address the problem of modeling and analyzingsecurity requirements at the organizational level.The SI* language employs a set of concepts founded onthe notions of permission, delegation, and trust.These concepts are formalized and are shown tosupport the requirements analysis process through aformal reasoning tool. The Secure Tropos methodologyprovides facilities for analyzing securityrequirements and guidelines to identify appropriateprotection mechanisms.